zeronetworks / rpcfirewall
☆519 Updated 2 weeks ago
Alternatives and similar repositories for rpcfirewall
Users that are interested in rpcfirewall are comparing it to the libraries listed below
- Event Tracing For Windows (ETW) Resources ☆389 Updated 8 months ago
- A centralized resource for previously documented WDAC bypass techniques ☆563 Updated last month
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆331 Updated 2 years ago
- Detect and respond to Cobalt Strike beacons using ETW. ☆500 Updated 2 years ago
- Aims to identify sleeping beacons ☆604 Updated 6 months ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. ☆264 Updated last year
- ☆380 Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability. ☆225 Updated 4 years ago
- Scan installed EDRs and AVs on Windows ☆585 Updated last month
- A C# utility for interacting with SCCM ☆637 Updated 9 months ago
- ☆250 Updated last year
- ☆201 Updated 7 months ago
- MAL-CL (Malicious Command-Line) ☆313 Updated 2 years ago
- An effort to track security vendors' use of Microsoft's Antimalware Scan Interface ☆250 Updated 3 years ago
- Sysmon-Like research tool for ETW ☆354 Updated 2 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆240 Updated 2 months ago
- ☆545 Updated last year
- ☆469 Updated 7 months ago
- A PowerShell armoury for security guys and girls ☆473 Updated last year
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did. ☆811 Updated 2 months ago
- Active Directory delegation management tool ☆301 Updated 2 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation. ☆467 Updated 11 months ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for… ☆488 Updated 2 years ago
- "Golden" certificates ☆689 Updated 10 months ago
- Collection of tools that reflect the network dimension into Bloodhound's data ☆447 Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion. ☆943 Updated last year
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules. ☆174 Updated 4 months ago
- Check for LDAP protections regarding the relay of NTLM authentication ☆494 Updated 7 months ago
- Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories,… ☆714 Updated last year
- Sysmon configuration file template with default high-quality event tracing ☆489 Updated last year